[NTLUG:Discuss] Sendmail with Drac authentication.....

Kelledin kelledin+NTLUG at skarpsey.dyndns.org
Mon Jan 5 23:24:58 CST 2004 

On Monday 05 January 2004 10:46 pm, Douglas King wrote:
> HELP!  I made a change last night that I THOUGHT (bad idea) to
> try to reduce the SPAM on my mail server.  However, here is
> what I did.
>
> I removed a setting in the M4 config called " Feature
> FEATURE(`accept_unresolvable_domains')".  Well...thinking that
> this would require reverse DNS, I removed this setting.  Now,
> folks outside MY network get a "relaying denied" message when
> trying to send a message back out.  I use Eudora's POP3 Mail
> extension to authenticate the POP3 portion, DRAC is used to
> keep the SPAMMERS from accessing the machine (requiring a
> valid account) before delivery.

Well, it doesn't really require REVERSE dns, it just requires 
dns.  Domains don't have to have a reverse-dns record to be 
considered resolvable, just a valid dns "MX" (mail exchange) 
record.  The more common "A" record might do if an MX record is 
missing, but in my experience some versions of sendmail need a 
real honest-to-god MX record.

What you're trying to do here (remove the 
`accept_unresolvable_domains' feature) is generally a good idea, 
as it can block a lot of untraceable spam.

> Now, i can send messages, but "outsiders" cannot.  I have gone
> in and replaced the sendmail.mc file with the "original file"
> (prior to the change), but it still does not work.  Does
> anyone have any ideas on what I've done or HOW can I fix what
> I have done?

It sounds to me like your mailserver isn't getting full DNS 
service.  Perhaps it's working fine for your internal machines 
because it has a sufficient /etc/hosts list to resolve machines 
on the LAN.

> It's already been down 1 full day....time is of the essence. 
> If you respond to THIS request, please also respond to me at
> daking at dak1.net.

Now that sounds like the new sendmail.cf isn't getting 
regenerated.  Some permutation of m4 (usually distro-specific) 
needs to be run to generate sendmail.cf from sendmail.mc.  
Apparently that got done automatically when you first changed 
sendmail.mc and restarted the sendmail daemon.

To make it get done automatically again, try touching sendmail.mc 
to bring the timestamp up-to-date, then restart sendmail like 
you did before.  (In my experience, the "mv" command doesn't 
actually change a file's timestamp.  That might explain why you 
now need to touch sendmail.mc.)

-- 
Kelledin
"If a server crashes in a server farm and no one pings it, does 
it still cost four figures to fix?"

More information about the Discuss mailing list